In the following, we inform you about the processing of personal data when using mindtrajour.com.
The entity responsible for data processing is:
MindTrajour UG (limited liability)
Larissa Lange
Straße der Jugend 18
14974 Ludwigsfelde
Email: datenschutz@mindtrajour.com
Protecting your privacy is very important to us. Therefore, please read this privacy policy carefully.
We detail the scope of data processing, purposes of processing, and legal bases below.
Art. 4 No. 1 GDPR: Personal data are all data that can be related to a specific natural person (e.g., their name or IP address).
Art. 4 No. 2 GDPR: "Processing" is any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
The following legal bases are generally considered for data processing:
1. Data Transfer Based on an Adequacy Decision Pursuant to Art. 45 GDPR
If we transfer data to service providers or other third parties outside the EEA, adequacy decisions by the EU Commission under Art. 45 (3) GDPR ensure the safety of the data transfer, where available, as is the case for the UK, Canada, and Israel.
2. Data Transfer to the USA
On July 10, 2023, the Data Privacy Framework came into effect. The USA is thus a safe third country under EU data protection law. The tools we use are certified by the US Department of Commerce for the Data Privacy Framework: Google Inc., Vercel Inc., Meta Platforms Inc. (Instagram, Facebook).
3. Data Transfer Subject to Appropriate Safeguards Pursuant to Art. 46 GDPR
If there is no decision under Art. 45 (3) GDPR, a controller or processor may only transfer personal data to a third country or international organization if the controller or processor has provided appropriate safeguards, and if enforceable rights and effective legal remedies are available to the data subjects.
Unless a specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under commercial law); in the latter case, deletion will occur after these reasons no longer apply.
As a data subject, you have the following rights:
For questions regarding data collection and processing, please contact us directly at datenschutz@mindtrajour.com.
This website is hosted externally. The personal data collected on this website is stored on the servers of the service provider listed below. This includes IP addresses, contact requests, meta and communication data, contract data, contact details, names, and website access logs.
The use of the hosting service is to fulfill our contractual obligations to our customers (Art. 6(1)(b) GDPR) and to ensure a secure and fast provision of the online presence by the professional provider (Art. 6(1)(f) GDPR). The hosting provider will process your data only to the extent necessary to fulfill its service obligations.
The following hosting providers are used:
a. Vercel
Our website uses the data hosting service "Vercel" by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, privacy@vercel.com.
More information on Vercel's handling of user data can be found in their privacy policy at Vercel Privacy Policy.
b. Amazon Web Services (AWS)
Our website uses the data hosting service "AWS" (Amazon Web Services) by Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USA, aws-security@amazon.com.
More information on AWS's handling of user data can be found in their privacy policy at AWS Privacy Policy.
c. Supabase
Our website uses the data hosting service "Supabase" by Supabase, Inc., 970 Toa Payoh North #07-04, Singapore 318992.
More information on Supabase's handling of user data can be found in their privacy policy at Supabase Privacy Policy.
When using the website for informational purposes only, i.e., when visitors do not transmit information separately, we collect personal data that your browser transmits to our server to ensure the stability and security of our website. This constitutes our legitimate interest, thus the legal basis is Art. 6(1)(1)(f) GDPR.
Server Log Data
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
This data is not merged with other data types.
The collection of this data is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our website – for this purpose, the server log files must be recorded.
What are Cookies?
Cookies are small text files stored on your device when you visit our website. They allow us to save your activities and preferences (such as login data, language, font size, and other display settings) over a certain period, so you don't have to re-enter them each time you visit the website.
What Types of Cookies Do We Use?
We use different types of cookies for various purposes on our website:
We use a cookie consent cookie to determine the cookie settings of users of our website. This cookie is stored locally on the user's device. This is technically necessary for the use of the website and is therefore subject to our legitimate interest, so the legal basis is Art. 6(1)(1)(f) GDPR.
Our website MindTrajour uses web beacons (also known as "pixel tags" or "clear GIFs"). Web beacons are small graphic files embedded on our web pages or in our emails. They allow us to monitor the behavior of users on our website and the effectiveness of our email campaigns.
a. Purpose of Use
We use web beacons for the following purposes:
Analysis and Improvement: Web beacons help us analyze the use of our website and thus improve our content and services. They allow us to understand which pages are visited, how long a user stays on a page, and what actions they take.
Performance Monitoring: Web beacons enable us to monitor the performance and effectiveness of our website and our email campaigns. This helps us optimize the user experience and ensure that our marketing communications are relevant and engaging.
Marketing and Advertising: Web beacons allow us to measure and understand the effectiveness of our online advertising. They also help us identify user segments most likely to be interested in our offerings.
Inquiries via Email or Phone
If you contact us via email or phone or the contact form on the website, your request, including the resulting personal data (name, request, email address, phone number), will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR, if your request is related to the fulfillment of a contract or necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the inquiries addressed to us (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if this was requested.
We delete the data arising in this context after storage is no longer necessary, or restrict the processing if there are statutory retention obligations.
We use the customer relationship management application (CRM) system by Monday.com LLC, Hahashmonaim St 22, Tel Aviv-Yafo, Israel, for storing your data.
More information on the handling of user data can be found in the privacy policy of Monday.com at Monday.com Privacy Policy or privacy@monday.com.
a. Google Analytics (Analytical/Performance Cookies)
We use Google Analytics for website analysis, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The legal basis is your consent, Art. 6(1)(a) GDPR, which we obtain through the cookie consent tool. You can revoke your consent at any time. After your consent, Google Analytics processes your data.
More information on the handling of user data can be found in the privacy policy of Google Analytics at Google Analytics Privacy Policy.
b. Google Ads (Analytical/Performance Cookies)
We use Google Advertisement to receive evaluations of our website visitors. It is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The legal basis is your consent, Art. 6(1)(a) GDPR, which we obtain through the cookie consent tool. You can revoke your consent at any time. After your consent, Google Advertisement processes your data.
More information on the handling of user data can be found in the privacy policy of Google Analytics at Google Analytics Privacy Policy.
c. Google Tag Manager (Web Beacon)
We use the Google Tag Manager for analyzing our Google Ads, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Tag Manager is a tracking code that allows us to measure and optimize advertising campaigns and associate user behavior on our website with our Google Ads.
The legal basis is your consent, Art. 6(1)(a) GDPR, which we obtain through the cookie consent tool. You can revoke your consent at any time. After your consent, your data is processed by the Google Tag Manager.
More information on the handling of user data can be found in the privacy policy of Google Analytics at Google Analytics Privacy Policy.
d. Microsoft Clarity (Analytical/Performance Cookies)
We use Microsoft Clarity to optimize the website. It captures user behavior on the website. It is a product of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
The legal basis is your consent, Art. 6(1)(a) GDPR, which we obtain through the cookie consent tool. You can revoke your consent at any time. After your consent, Microsoft Clarity processes your data.
More information on the handling of user data can be found in the privacy policy of Microsoft Clarity at Microsoft Privacy Statement.
e. Beehiiv Newsletter Application
If you have expressly consented according to Art. 6(1)(a) GDPR, we use the data provided by you on our Beehiiv newsletter application, 20 W 22nd St, New York, NY 10010, USA. You can revoke your consent at any time.
More information on the handling of user data can be found in the privacy policy of Beehiiv at Beehiiv Privacy Policy.
Your data will be sent to this newsletter provider for the purpose of sending newsletters. Your consent also applies to this: Through web beacons or tracking pixels that track and transmit various information about you, it is possible for us to see and analyze the following:
This data is not used to create a profile.
You can unsubscribe at any time via a link at the end of each newsletter. You can also send your unsubscribe request via email to datenschutz@mindtrajour.com.
For more information on how your data is handled, please refer to the privacy policy of Beehiiv: Beehiiv Privacy Policy.
f. Customer Data Management with Monday.com
To store your contact data, we use the Customer Relationship Management (CRM) system from monday.com LLC, Hahashmonaim St 22, Tel Aviv-Yafo, Israel.
The legal basis for processing is our legitimate interest in responding to inquiries directed at us. The legal basis for processing is therefore Art. 6 Para. 1 S. 1 lit. f GDPR.
For more information on how your data is handled, please refer to the privacy policy of Monday.com: Monday.com Privacy Policy or privacy@monday.com.
g. Google Fonts
To display our website, we use the fonts from Google Fonts, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The legal basis for processing is our legitimate interest in ensuring an appealing and uniform presentation of our website. The legal basis for processing is therefore Art. 6 Para. 1 S. 1 lit. f GDPR.
Third Parties
a. Session Cookies from Supabase (technically necessary)
Our MindTrajour software uses session cookies from "Supabase" by Supabase, Inc., 970 Toa Payoh North #07-04, Singapore 318992.
The legal basis is our legitimate interest, Art. 6 Para. 1 lit. f GDPR, as otherwise we cannot ensure a smooth login process into the software.
For more information on how user data is handled, please refer to the Supabase privacy policy: Supabase Privacy Policy.
b. Apple OAuth (technically necessary)
We use the Apple OAuth service from Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA for the login to our MindTrajour software.
The legal basis is your consent, Art. 6 Para. 1 lit. a GDPR, which we obtain through the cookie consent tool. You can withdraw your consent at any time. After your consent, your data will be processed by the Apple OAuth service.
For more information on how user data is handled, please refer to the Apple privacy policy: Apple Privacy Policy.
c. Google OAuth (technically necessary)
We use the Google OAuth service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland for the login to our MindTrajour software.
The legal basis is your consent, Art. 6 Para. 1 lit. a GDPR, which we obtain through the cookie consent tool. You can withdraw your consent at any time. After your consent, your data will be processed by the Google Tag Manager.
For more information on how user data is handled, please refer to the Google Analytics privacy policy: Google Privacy Policy.
We are present on social media networks to introduce our organization and services. The operators of these networks regularly process their users' data for advertising purposes. Among other things, they create user profiles based on their online behavior, which are used to show ads that match the users' interests on the network's pages and elsewhere on the internet. To do this, the network operators store information about user behavior in cookies on the users' computers. It is also possible that the operators combine this information with other data. More information and advice on how users can object to the processing by the site operators can be found in the privacy policies of the respective operators listed below. It is also possible that the operators or their servers are located outside the EU, which means they process data there. This can pose risks to users, for example, because enforcing their rights can be more difficult or state authorities can access the data.
If users of the networks contact us via our profiles, we process the data provided to us to respond to the inquiries. This constitutes our legitimate interest, so the legal basis is Art. 6 Para. 1 S. 1 lit. f GDPR.
1. Instagram
We have a profile on "Instagram." The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.
For more information and the applicable privacy policy of "Instagram," please refer to: Instagram Privacy Policy.
2. LinkedIn
We have a profile on "LinkedIn." The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
For more information and the applicable privacy policy of "LinkedIn," please refer to: LinkedIn Privacy Policy.
We reserve the right to change this privacy policy with effect for the future. A current version is always available here.
As of May 24, 2024